Privacy policy

XPURE GmbH

Privacy policy

We only process personal data as necessary and for the purpose of providing a functional and user-friendly website.

According to Art. 4(1) of the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), “processing” means any procedure performed upon personal data, whether or not by automated means, such as collecting, recording, organising, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, dissemination or otherwise making available, aligning or combining, restricting, erasing or destroying.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or jointly with others on the purposes and means of processing. In addition, we inform you below about the third-party components we use for optimisation purposes and to increase the quality of use, insofar as third parties process data under their own responsibility.

Our privacy policy is structured as follows:

I. Information about us as the responsible party
II. Rights of users and data subjects
III. Information on data processing
IV. Data protection information in accordance with the EU General Data Protection Regulation

I. Information about us as the responsible party

The party responsible for this website as stipulated by data protection legislation is:

IT Sonix Custom Development GmbH
Managing director: Dr. Andreas Lassmann
Georgiring 3
04103 Leipzig
Germany

Telephone: +49 341 355 76-0
Email: info@itsonix.eu

The provider’s data protection officer is:

Holger Flemig
EPRO Consult Dr. Prössel und Partner GmbH

Email: itsonix-gmbh@epro-consult.de

II. Rights of users and data subjects

With regard to the data processing described in more detail below, users and data subjects have the right

  • To receive confirmation concerning whether data related to them is being processed, to receive information about the data being processed, to receive further information about data processing and to receive copies of the data (see also Art. 15 GDPR);
  • To correct or complete incorrect or incomplete data (see also Art. 16 GDPR);
  • To have data related to them deleted immediately ( see also Art. 17 GDPR), or, alternatively, if further processing is necessary as stipulated in Art. 17(3) GDPR, to restrict said processing as per Art. 18 GDPR;
  • To receive the data related to them and provided by them and to transmit this data to other providers/controllers ( see also Art. 20 GDPR);
  • To lodge a complaint with a supervisory authority if they believe that data concerning them is being processed by the provider in breach of data protection provisions ( see also Art. 77 GDPR).


In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or restriction of processing that takes place on the basis of Arts. 16, 17(1), 18 GDPR. However, this obligation shall not apply if such notification is impossible or involves disproportionate effort. Without prejudice to this, the user has a right to information about these recipients.

Likewise, in accordance with Art. 21 GDPR, users and data subjects have the right to object to the future processing of data related to them, provided that the data is processed by the provider in accordance with Art. 6(1)(f) GDPR. In particular, they can object to the processing of data for the purpose of direct advertising.

III. Information on data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose of the storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information is provided below on individual processing procedures.

Server data

Data is transmitted by your Internet browser to us or to our web space provider and stored in server log files for technical reasons, in particular to ensure a secure and stable website. These server log files are used to collect information such as the type and version of your Internet browser, the operating system, the website from which you accessed our website (referrer URL), the page(s) of our website that you visit, the date and time of each access, the IP address of the Internet connection from which our website is used, the amount of data transferred and the requesting provider.

The data collected in this way is temporarily stored but not together with other data related to you.

This storage takes place on the legal basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.

The data will be deleted again after seven days at the latest unless further storage is required for purposes of evidence. Otherwise, the data is exempt from erasure in whole or in part until final clarification of the incident.

Cookies

Our website uses cookies. Cookies are small text files or other storage technologies that are placed and stored on your computer by your Internet browser. These cookies allow certain information about you to be processed on an individual basis. This processing makes our website more user-friendly, effective and secure.

The cookies we use are categorised as follows:

  • Session cookies
  • Functional cookies


You can prevent or restrict the installation of cookies using your Internet browser settings. You can also delete stored cookies at any time. However, the steps and measures required to do this depend on the specific Internet browser you use. Therefore, if you have any questions, please use the help function or consult the documentation of your Internet browser or contact its maker for support.

However, if you prevent or restrict the installation of cookies, not all of the functions of our website may be fully usable.

Cookies used
Session cookies – strictly necessary cookies
Name Description (stored information and purpose) Domain Expiry
grav-site-e8402e7 CMS session cookie
Serves to ensure a user-friendly visit to our website.
itsonix.eu 30 minutes


Functional cookies – strictly necessary cookies
Name Description (stored information and purpose) Domain Expiry
complianceCookie Used to store cookie consent information – which cookies and scripts are set. itsonix.eu 180 days


Online job applications / publication of vacancies

Job applications

We give you the option of applying to us via our website. For these digital applications, your applicant and application data will be collected and processed electronically by us for the purpose of handling the application process.

The legal basis for this processing is Section 26(1) sentence 1 of the German Federal Data Protection Act (BDSG) in conjunction with Art. 88(1) GDPR.

If an employment contract is concluded after the application process, we will store the data you submitted during the application in your personnel file for the purpose of the usual organisational and administrative process; this is, of course, done in compliance with the more extensive legal obligations.

The legal basis for this processing is also Section 26(1) sentence 1 of the BDSG in conjunction with Art. 88(1) GDPR.

In the event that an application is rejected, we will automatically erase the data submitted to us two months after notification of the rejection. However, the data will not be erased if it is required to be stored for a longer period of up to four months or until the conclusion of legal proceedings due to legal provisions, e.g. due to the obligation to provide evidence according to the German General Equal Treatment Act (AGG).

The legal basis in this case is Art. 6(1)(F) GDPR and Section 24(1) no. 2 BDSG. Our legitimate interest lies in legal defence or enforcement of rights.

If you expressly consent to your data being stored for a longer period of time, e.g. for the purpose of your inclusion in a database of applicants or interested parties, the data will be processed on the basis of your consent. The legal basis is then Art. 6(1)(a) GDPR. However, you can of course withdraw your consent at any time in accordance with Art. 7(3) GDPR by making a declaration to us with effect for the future.

Contact requests/contact options

If you contact us via the contact form or email, the data you provide will be used to process your request. You must provide this data so that we can process and answer your enquiry – without it, we will not be able answer your enquiry at all or only to a limited extent.

The legal basis for processing data transmitted in the course of sending an email is Art. 6(1)(f) GDPR. If the email contact is intended for the conclusion of a contract or takes place within the framework of an existing contractual relationship, the additional legal basis for the processing is Art. 6(1)(b) GDPR.

Your data will be erased as soon as your enquiry has been conclusively answered and there are no legal obligations to retain the data, e.g. in the case of subsequent contract processing.

IV. Data protection information in accordance with the EU General Data Protection Regulation

The data protection information pursuant to the EU General Data Protection Regulation for authorised representatives/agents of "legal entities" pursuant to Art. 12 ff. GDPR and data protection information in accordance with the EU General Data Protection Regulation for Applicants in accordance with Art. 12 ff. GDPR apply in addition to this website-specific privacy policy information.